Analysis by: Dhan Praga

Cybercriminals have recently capitalized on the ongoing conflict in Libya to perpetuate their malicious activities. TrendLabs engineers spotted a spammed message that purports to come from the third son of Libya's president, Muammar al-Gaddafi.

The email message bears the subject “Top Secret” and informs the recipients that Gaddafi’s son will no longer support his father. In the email, “Gaddafi’s son” also asks for business advice and assistance for his family to settle down in the country of the recipient. According to the email, in return for this, he will give 30% of his million-dollar possession.

The mail sample is in HTML format. Some of the spelling in the email message is incorrect, which indicates that this is a scam. Users are strongly advised to be wary in opening emails from unknown sources.
 SPAM BLOCKING DATE / TIME: April 10, 2011 GMT-8
 TMASE INFO
  • ENGINE:6.5
  • PATTERN:8066